Endpoint Monitoring settings reference

Enables or disables scanning of file metadata on all removable media, such as USB drives or SD cards.

Enables or disables detection of syncing files using these cloud storage apps:

• Box
• Box Drive (Mac only)
• Dropbox
• Google Backup and Sync
• iCloud
• OneDrive
  Code42 watches a personal OneDrive account and up to two OneDrive for Business accounts on each device

Enables or disables detection of files accessed by web browsers and other applications (for example, uploading attachments to web-based email or downloading files via FTP). 

This may also include other instances of apps accessing a file, such as opening a local file to view it in a web browser without actually uploading it.

Enables or disables detection of file-restore activity, such as restores of files belonging to other users.

Enables or disables detection of dangerous, malicious, or sensitive file metadata and file contents based on specified patterns using the YARA rule framework. Pattern matching requires creating a YARA rule file and manually deploying it to each user device. Unlike the other types of endpoint monitoring, pattern matching only searches files included in the user's backup file selection.

Pattern matching can scan for MD5 hash and filename matches on any file, but does not extract file contents of binary or compressed files. Practically speaking, this means pattern matching only searches the contents of plain text files, unless you create a rule targeting a specific binary string.

Enables or disables Forensic File Search. Forensic File Search provides detailed visibility for Code42 administrators about:

• Files on user devices, including files not selected for backup
• Files stored only in cloud services

This enables administrators to search file metadata to gain a clearer understanding of file activity throughout the organization.

Requires a product plan that includes Forensic File Search.